HJT-logi Windowsin juuressa kasa tiedostoja, kone takkuilee, mesevirus ehkä myös?

Discussion in 'Virukset ja haittaohjelmat - HijackThis -logit' started by Levanki, Jun 6, 2008.

  1. Levanki

    Levanki Member

    Joined:
    Feb 27, 2007
    Messages:
    27
    Likes Received:
    0
    Trophy Points:
    11
    Kone takkuilee, internettiin ei pääse ja luultavasti myös mese virus tullut.

    HJT-loki
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 18:46:13, on 6.6.2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16640)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\HP\QuickPlay\QPService.exe
    C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
    C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\HP\TVPlay\TVPService.exe
    C:\Program Files\F-Secure\Common\FSM32.EXE
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\WIDCOMM\Bluetooth-ohjelmisto\BTTray.exe
    C:\Program Files 2\Logitech\SetPoint\SetPoint.exe
    C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
    C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
    C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
    C:\Program Files\WIDCOMM\Bluetooth-ohjelmisto\bin\btwdins.exe
    C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
    C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE
    C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe
    C:\Program Files\F-Secure\Anti-Virus\fssm32.exe
    C:\Program Files\F-Secure\Common\FSMA32.EXE
    C:\Program Files\F-Secure\Common\FSMB32.EXE
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\F-Secure\BackWeb\7681197\Program\F-Secure Automatic Update.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\HP\TVPlay\Kernel\TV\TVPCapSvc.exe
    C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    C:\Program Files\F-Secure\Common\FCH32.EXE
    C:\Program Files\F-Secure\Common\FAMEH32.EXE
    C:\Program Files\F-Secure\Anti-Virus\fsqh.exe
    C:\Program Files\F-Secure\Anti-Virus\fsrw.exe
    C:\Program Files\HP\TVPlay\Kernel\TV\TVPSched.exe
    C:\Program Files\F-Secure\Anti-Virus\fsav32.exe
    C:\Program Files\F-Secure\Common\FNRB32.EXE
    C:\Program Files\F-Secure\Common\FIH32.EXE
    C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
    C:\PROGRA~1\F-Secure\ANTI-S~1\fsaw.exe
    C:\PROGRA~1\HPQ\Shared\HPQTOA~1.EXE
    C:\Program Files\F-Secure\FSGUI\fsguidll.exe
    C:\Program Files 4\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://phnet.fi/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.phnet.fi:8080
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.fi
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
    O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /nodetect
    O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
    O4 - HKLM\..\Run: [Cpqset] C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe
    O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe
    O4 - HKLM\..\Run: [TVPService] "C:\Program Files\HP\TVPlay\TVPService.exe"
    O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash
    O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
    O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [LDM] C:\Program Files 2\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Paikallinen palve')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Verkkopalve')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: BTTray.lnk = ?
    O4 - Global Startup: F-Secure Automatic Update.lnk = C:\Program Files\F-Secure\BackWeb\7681197\program\F-Secure Automatic Update.exe
    O4 - Global Startup: HP Photosmart Premier -pikakäynnistys.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files 2\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files 2\Logitech\SetPoint\SetPoint.exe
    O8 - Extra context menu item: &Block this popup - C:\Program Files\F-Secure\Anti-Spyware\blockpopups.htm
    O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
    O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
    O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
    O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
    O8 - Extra context menu item: Lähetä &Bluetooth-laitteeseen - C:\Program Files\WIDCOMM\Bluetooth-ohjelmisto\btsendto_ie_ctx.htm
    O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: IE Shield - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\F-Secure\Anti-Spyware\ieshield.dll
    O9 - Extra 'Tools' menuitem: IE Shield... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\F-Secure\Anti-Spyware\ieshield.dll
    O9 - Extra button: Oheistiedot - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab
    O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - http://launch.gamespyarcade.com/software/launch/alaunch.cab
    O18 - Protocol: bw+0 - {4E855E53-7DDF-46CC-811A-CCBA53072647} - C:\Program Files 2\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {4E855E53-7DDF-46CC-811A-CCBA53072647} - C:\Program Files 2\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {4E855E53-7DDF-46CC-811A-CCBA53072647} - C:\Program Files 2\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {4E855E53-7DDF-46CC-811A-CCBA53072647} - C:\Program Files 2\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {4E855E53-7DDF-46CC-811A-CCBA53072647} - C:\Program Files 2\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {4E855E53-7DDF-46CC-811A-CCBA53072647} - C:\Program Files 2\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {4E855E53-7DDF-46CC-811A-CCBA53072647} - C:\Program Files 2\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {4E855E53-7DDF-46CC-811A-CCBA53072647} - C:\Program Files 2\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {4E855E53-7DDF-46CC-811A-CCBA53072647} - C:\Program Files 2\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {4E855E53-7DDF-46CC-811A-CCBA53072647} - C:\Program Files 2\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {4E855E53-7DDF-46CC-811A-CCBA53072647} - C:\Program Files 2\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {4E855E53-7DDF-46CC-811A-CCBA53072647} - C:\Program Files 2\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {4E855E53-7DDF-46CC-811A-CCBA53072647} - C:\Program Files 2\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {4E855E53-7DDF-46CC-811A-CCBA53072647} - C:\Program Files 2\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {4E855E53-7DDF-46CC-811A-CCBA53072647} - C:\Program Files 2\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {4E855E53-7DDF-46CC-811A-CCBA53072647} - C:\Program Files 2\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {4E855E53-7DDF-46CC-811A-CCBA53072647} - C:\Program Files 2\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {4E855E53-7DDF-46CC-811A-CCBA53072647} - C:\Program Files 2\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {4E855E53-7DDF-46CC-811A-CCBA53072647} - C:\Program Files 2\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {4E855E53-7DDF-46CC-811A-CCBA53072647} - C:\Program Files 2\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {4E855E53-7DDF-46CC-811A-CCBA53072647} - C:\Program Files 2\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {4E855E53-7DDF-46CC-811A-CCBA53072647} - C:\Program Files 2\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {4E855E53-7DDF-46CC-811A-CCBA53072647} - C:\Program Files 2\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {4E855E53-7DDF-46CC-811A-CCBA53072647} - C:\Program Files 2\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {4E855E53-7DDF-46CC-811A-CCBA53072647} - C:\Program Files 2\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {4E855E53-7DDF-46CC-811A-CCBA53072647} - C:\Program Files 2\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {4E855E53-7DDF-46CC-811A-CCBA53072647} - C:\Program Files 2\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {4E855E53-7DDF-46CC-811A-CCBA53072647} - C:\Program Files 2\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {4E855E53-7DDF-46CC-811A-CCBA53072647} - C:\Program Files 2\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {4E855E53-7DDF-46CC-811A-CCBA53072647} - C:\Program Files 2\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {4E855E53-7DDF-46CC-811A-CCBA53072647} - C:\Program Files 2\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {4E855E53-7DDF-46CC-811A-CCBA53072647} - C:\Program Files 2\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {4E855E53-7DDF-46CC-811A-CCBA53072647} - C:\Program Files 2\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {4E855E53-7DDF-46CC-811A-CCBA53072647} - C:\Program Files 2\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {4E855E53-7DDF-46CC-811A-CCBA53072647} - C:\Program Files 2\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {4E855E53-7DDF-46CC-811A-CCBA53072647} - C:\Program Files 2\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files 2\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {4E855E53-7DDF-46CC-811A-CCBA53072647} - C:\Program Files 2\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {4E855E53-7DDF-46CC-811A-CCBA53072647} - C:\Program Files 2\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {4E855E53-7DDF-46CC-811A-CCBA53072647} - C:\Program Files 2\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {4E855E53-7DDF-46CC-811A-CCBA53072647} - C:\Program Files 2\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {4E855E53-7DDF-46CC-811A-CCBA53072647} - C:\Program Files 2\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {4E855E53-7DDF-46CC-811A-CCBA53072647} - C:\Program Files 2\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {4E855E53-7DDF-46CC-811A-CCBA53072647} - C:\Program Files 2\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {4E855E53-7DDF-46CC-811A-CCBA53072647} - C:\Program Files 2\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {4E855E53-7DDF-46CC-811A-CCBA53072647} - C:\Program Files 2\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {4E855E53-7DDF-46CC-811A-CCBA53072647} - C:\Program Files 2\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {4E855E53-7DDF-46CC-811A-CCBA53072647} - C:\Program Files 2\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {4E855E53-7DDF-46CC-811A-CCBA53072647} - C:\Program Files 2\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {4E855E53-7DDF-46CC-811A-CCBA53072647} - C:\Program Files 2\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {4E855E53-7DDF-46CC-811A-CCBA53072647} - C:\Program Files 2\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {4E855E53-7DDF-46CC-811A-CCBA53072647} - C:\Program Files 2\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {4E855E53-7DDF-46CC-811A-CCBA53072647} - C:\Program Files 2\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {4E855E53-7DDF-46CC-811A-CCBA53072647} - C:\Program Files 2\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {4E855E53-7DDF-46CC-811A-CCBA53072647} - C:\Program Files 2\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {4E855E53-7DDF-46CC-811A-CCBA53072647} - C:\Program Files 2\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {4E855E53-7DDF-46CC-811A-CCBA53072647} - C:\Program Files 2\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {4E855E53-7DDF-46CC-811A-CCBA53072647} - C:\Program Files 2\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {4E855E53-7DDF-46CC-811A-CCBA53072647} - C:\Program Files 2\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {4E855E53-7DDF-46CC-811A-CCBA53072647} - C:\Program Files 2\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {4E855E53-7DDF-46CC-811A-CCBA53072647} - C:\Program Files 2\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {4E855E53-7DDF-46CC-811A-CCBA53072647} - C:\Program Files 2\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {4E855E53-7DDF-46CC-811A-CCBA53072647} - C:\Program Files 2\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {4E855E53-7DDF-46CC-811A-CCBA53072647} - C:\Program Files 2\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {4E855E53-7DDF-46CC-811A-CCBA53072647} - C:\Program Files 2\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {4E855E53-7DDF-46CC-811A-CCBA53072647} - C:\Program Files 2\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {4E855E53-7DDF-46CC-811A-CCBA53072647} - C:\Program Files 2\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {4E855E53-7DDF-46CC-811A-CCBA53072647} - C:\Program Files 2\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {4E855E53-7DDF-46CC-811A-CCBA53072647} - C:\Program Files 2\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {4E855E53-7DDF-46CC-811A-CCBA53072647} - C:\Program Files 2\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {4E855E53-7DDF-46CC-811A-CCBA53072647} - C:\Program Files 2\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {4E855E53-7DDF-46CC-811A-CCBA53072647} - C:\Program Files 2\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {4E855E53-7DDF-46CC-811A-CCBA53072647} - C:\Program Files 2\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {4E855E53-7DDF-46CC-811A-CCBA53072647} - C:\Program Files 2\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {4E855E53-7DDF-46CC-811A-CCBA53072647} - C:\Program Files 2\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {4E855E53-7DDF-46CC-811A-CCBA53072647} - C:\Program Files 2\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {4E855E53-7DDF-46CC-811A-CCBA53072647} - C:\Program Files 2\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: offline-8876480 - {4E855E53-7DDF-46CC-811A-CCBA53072647} - C:\Program Files 2\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O23 - Service: F-Secure Automatic Update (BackWeb Plug-in - 7681197) - F-Secure Automatic Update - C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth-ohjelmisto\bin\btwdins.exe
    O23 - Service: CyberLink Media Library Service(HP TVPlay) - Cyberlink - C:\Program Files\HP\TVPlay\Kernel\CLML_NTService\CLMLServer.exe
    O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corp. - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
    O23 - Service: F-Secure Network Request Broker - F-Secure Corporation - C:\Program Files\F-Secure\Common\FNRB32.EXE
    O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe
    O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
    O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure\Common\FSMA32.EXE
    O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: CyberLink Background Capture Service (CBCS HP TVPlay) (TVPCapSvc) - Unknown owner - C:\Program Files\HP\TVPlay\Kernel\TV\TVPCapSvc.exe
    O23 - Service: CyberLink Task Scheduler (CTS HP TVPlay) (TVPSched) - Unknown owner - C:\Program Files\HP\TVPlay\Kernel\TV\TVPSched.exe

    --
    End of file - 22673 bytes

    Kapersky online scannerin tulos
    Scan Statistics
    Total number of scanned objects 74562
    Number of viruses found 5
    Number of infected objects 17
    Number of suspicious objects 0
    Duration of the scan process 01:43:59

    Infected Object Name Virus Name Last Action
    C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
    C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
    C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
    C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
    C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
    C:\Documents and Settings\LocalService\Local Settings\Sivuhistoria\History.IE5\index.dat Object is locked skipped
    C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
    C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
    C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
    C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
    C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
    C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
    C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
    C:\Documents and Settings\SIIKANEN\Cookies\index.dat Object is locked skipped
    C:\Documents and Settings\SIIKANEN\Local Settings\Application Data\ApplicationHistory\hpqimzone.exe.3204510e.ini.inuse Object is locked skipped
    C:\Documents and Settings\SIIKANEN\Local Settings\Application Data\HP\Digital Imaging\db\administrativeInfo.dbf Object is locked skipped
    C:\Documents and Settings\SIIKANEN\Local Settings\Application Data\HP\Digital Imaging\db\albumImagesTable.cdx Object is locked skipped
    C:\Documents and Settings\SIIKANEN\Local Settings\Application Data\HP\Digital Imaging\db\albumImagesTable.dbf Object is locked skipped
    C:\Documents and Settings\SIIKANEN\Local Settings\Application Data\HP\Digital Imaging\db\albumTable.cdx Object is locked skipped
    C:\Documents and Settings\SIIKANEN\Local Settings\Application Data\HP\Digital Imaging\db\albumTable.dbf Object is locked skipped
    C:\Documents and Settings\SIIKANEN\Local Settings\Application Data\HP\Digital Imaging\db\CB_Server_Errors.txt Object is locked skipped
    C:\Documents and Settings\SIIKANEN\Local Settings\Application Data\HP\Digital Imaging\db\EXIFTable.cdx Object is locked skipped
    C:\Documents and Settings\SIIKANEN\Local Settings\Application Data\HP\Digital Imaging\db\EXIFTable.dbf Object is locked skipped
    C:\Documents and Settings\SIIKANEN\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.cdx Object is locked skipped
    C:\Documents and Settings\SIIKANEN\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.dbf Object is locked skipped
    C:\Documents and Settings\SIIKANEN\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.fpt Object is locked skipped
    C:\Documents and Settings\SIIKANEN\Local Settings\Application Data\HP\Digital Imaging\db\keywordImagesTable.cdx Object is locked skipped
    C:\Documents and Settings\SIIKANEN\Local Settings\Application Data\HP\Digital Imaging\db\keywordImagesTable.dbf Object is locked skipped
    C:\Documents and Settings\SIIKANEN\Local Settings\Application Data\HP\Digital Imaging\db\keywordTable.cdx Object is locked skipped
    C:\Documents and Settings\SIIKANEN\Local Settings\Application Data\HP\Digital Imaging\db\keywordTable.dbf Object is locked skipped
    C:\Documents and Settings\SIIKANEN\Local Settings\Application Data\HP\Digital Imaging\db\managedFolderTable.dbf Object is locked skipped
    C:\Documents and Settings\SIIKANEN\Local Settings\Application Data\HP\Digital Imaging\db\pathnameTable.cdx Object is locked skipped
    C:\Documents and Settings\SIIKANEN\Local Settings\Application Data\HP\Digital Imaging\db\pathnameTable.dbf Object is locked skipped
    C:\Documents and Settings\SIIKANEN\Local Settings\Application Data\HP\Digital Imaging\db\propertiesTable.cdx Object is locked skipped
    C:\Documents and Settings\SIIKANEN\Local Settings\Application Data\HP\Digital Imaging\db\propertiesTable.dbf Object is locked skipped
    C:\Documents and Settings\SIIKANEN\Local Settings\Application Data\HP\Digital Imaging\db\ROFImagesTable.cdx Object is locked skipped
    C:\Documents and Settings\SIIKANEN\Local Settings\Application Data\HP\Digital Imaging\db\ROFImagesTable.dbf Object is locked skipped
    C:\Documents and Settings\SIIKANEN\Local Settings\Application Data\HP\Digital Imaging\db\ROFTable.cdx Object is locked skipped
    C:\Documents and Settings\SIIKANEN\Local Settings\Application Data\HP\Digital Imaging\db\ROFTable.dbf Object is locked skipped
    C:\Documents and Settings\SIIKANEN\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
    C:\Documents and Settings\SIIKANEN\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
    C:\Documents and Settings\SIIKANEN\Local Settings\Sivuhistoria\History.IE5\index.dat Object is locked skipped
    C:\Documents and Settings\SIIKANEN\Local Settings\Temp\~DF4A33.tmp Object is locked skipped
    C:\Documents and Settings\SIIKANEN\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped
    C:\Documents and Settings\SIIKANEN\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
    C:\Documents and Settings\SIIKANEN\NTUSER.DAT Object is locked skipped
    C:\Documents and Settings\SIIKANEN\ntuser.dat.LOG Object is locked skipped
    C:\Documents and Settings\SIIKANEN\Omat tiedostot\Azureus Downloads\Make_Your_Windows_Genuine_-_For_XP_Server_2003__Vista_-_iNGEn\WINDOWS XP and Server 2003\2) XP-sp2 and Server 2003\iNGEn_XPsp2.exe/data.rar/findKey.exe Infected: not-a-virus:pSWTool.Win32.RAS.g skipped
    C:\Documents and Settings\SIIKANEN\Omat tiedostot\Azureus Downloads\Make_Your_Windows_Genuine_-_For_XP_Server_2003__Vista_-_iNGEn\WINDOWS XP and Server 2003\2) XP-sp2 and Server 2003\iNGEn_XPsp2.exe/data.rar Infected: not-a-virus:pSWTool.Win32.RAS.g skipped
    C:\Documents and Settings\SIIKANEN\Omat tiedostot\Azureus Downloads\Make_Your_Windows_Genuine_-_For_XP_Server_2003__Vista_-_iNGEn\WINDOWS XP and Server 2003\2) XP-sp2 and Server 2003\iNGEn_XPsp2.exe RarSFX: infected - 2 skipped
    C:\Documents and Settings\SIIKANEN\Omat tiedostot\Azureus Downloads\Windows XP Original Keys Keygen\Windows.XP original keygen\Windows.XP original keygen\RockXP4.exe/pwdump2/pwdump2.exe Infected: not-a-virus:pSWTool.Win32.PWDump.2 skipped
    C:\Documents and Settings\SIIKANEN\Omat tiedostot\Azureus Downloads\Windows XP Original Keys Keygen\Windows.XP original keygen\Windows.XP original keygen\RockXP4.exe/pwdump2/samdump.dll Infected: not-a-virus:pSWTool.Win32.PWDump.2 skipped
    C:\Documents and Settings\SIIKANEN\Omat tiedostot\Azureus Downloads\Windows XP Original Keys Keygen\Windows.XP original keygen\Windows.XP original keygen\RockXP4.exe/RockXP4_.exe Infected: not-a-virus:pSWTool.Win32.RAS.a skipped
    C:\Documents and Settings\SIIKANEN\Omat tiedostot\Azureus Downloads\Windows XP Original Keys Keygen\Windows.XP original keygen\Windows.XP original keygen\RockXP4.exe RAR: infected - 3 skipped
    C:\Documents and Settings\SIIKANEN\Omat tiedostot\Azureus Downloads\Windows XP Original Keys Keygen\Windows.XP original keygen.rar/Windows.XP original keygen/RockXP4.exe/pwdump2/pwdump2.exe Infected: not-a-virus:pSWTool.Win32.PWDump.2 skipped
    C:\Documents and Settings\SIIKANEN\Omat tiedostot\Azureus Downloads\Windows XP Original Keys Keygen\Windows.XP original keygen.rar/Windows.XP original keygen/RockXP4.exe/pwdump2/samdump.dll Infected: not-a-virus:pSWTool.Win32.PWDump.2 skipped
    C:\Documents and Settings\SIIKANEN\Omat tiedostot\Azureus Downloads\Windows XP Original Keys Keygen\Windows.XP original keygen.rar/Windows.XP original keygen/RockXP4.exe/RockXP4_.exe Infected: not-a-virus:pSWTool.Win32.RAS.a skipped
    C:\Documents and Settings\SIIKANEN\Omat tiedostot\Azureus Downloads\Windows XP Original Keys Keygen\Windows.XP original keygen.rar/Windows.XP original keygen/RockXP4.exe Infected: not-a-virus:pSWTool.Win32.RAS.a skipped
    C:\Documents and Settings\SIIKANEN\Omat tiedostot\Azureus Downloads\Windows XP Original Keys Keygen\Windows.XP original keygen.rar RAR: infected - 4 skipped
    C:\Program Files\F-Secure\Anti-Virus\dbupdate.log Object is locked skipped
    C:\Program Files\F-Secure\Anti-Virus\Qrt.log Object is locked skipped
    C:\Program Files\F-Secure\BackWeb\7681197\Users\Default\Data\chandir.dat Object is locked skipped
    C:\Program Files\F-Secure\BackWeb\7681197\Users\Default\Data\chandir.idx Object is locked skipped
    C:\Program Files\F-Secure\BackWeb\7681197\Users\Default\Data\chn.dat Object is locked skipped
    C:\Program Files\F-Secure\BackWeb\7681197\Users\Default\Data\chn.idx Object is locked skipped
    C:\Program Files\F-Secure\BackWeb\7681197\Users\Default\Data\D0000000.FCS Object is locked skipped
    C:\Program Files\F-Secure\BackWeb\7681197\Users\Default\Data\inuse.txt Object is locked skipped
    C:\Program Files\F-Secure\BackWeb\7681197\Users\Default\Data\L0000056.FCS Object is locked skipped
    C:\Program Files\F-Secure\BackWeb\7681197\Users\Default\Data\main.log Object is locked skipped
    C:\Program Files\F-Secure\BackWeb\7681197\Users\Default\Data\prs.dat Object is locked skipped
    C:\Program Files\F-Secure\BackWeb\7681197\Users\Default\Data\prs.idx Object is locked skipped
    C:\Program Files\F-Secure\BackWeb\7681197\Users\Default\Data\prs_die.dat Object is locked skipped
    C:\Program Files\F-Secure\BackWeb\7681197\Users\Default\Data\prs_die.idx Object is locked skipped
    C:\Program Files\F-Secure\BackWeb\7681197\Users\Default\Data\prs_dnd.dat Object is locked skipped
    C:\Program Files\F-Secure\BackWeb\7681197\Users\Default\Data\prs_dnd.idx Object is locked skipped
    C:\Program Files\F-Secure\BackWeb\7681197\Users\Default\Data\prs_ext.dat Object is locked skipped
    C:\Program Files\F-Secure\BackWeb\7681197\Users\Default\Data\prs_ext.idx Object is locked skipped
    C:\Program Files\F-Secure\BackWeb\7681197\Users\Default\Data\prs_rcv.dat Object is locked skipped
    C:\Program Files\F-Secure\BackWeb\7681197\Users\Default\Data\prs_rcv.idx Object is locked skipped
    C:\Program Files\F-Secure\BackWeb\7681197\Users\Default\Data\storydb.dat Object is locked skipped
    C:\Program Files\F-Secure\BackWeb\7681197\Users\Default\Data\storydb.idx Object is locked skipped
    C:\Program Files\F-Secure\common\policy.bpf Object is locked skipped
    C:\Program Files\F-Secure\common\policy.ipf Object is locked skipped
    C:\Program Files\mIRC\mirc.exe Infected: not-a-virus:Client-IRC.Win32.mIRC.621 skipped
    C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
    C:\System Volume Information\_restore{34DB8CFB-A6EE-471F-B2DE-8779357D2F6D}\RP243\A0029537.exe/stream/data0008 Infected: not-a-virus:Client-IRC.Win32.mIRC.621 skipped
    C:\System Volume Information\_restore{34DB8CFB-A6EE-471F-B2DE-8779357D2F6D}\RP243\A0029537.exe/stream Infected: not-a-virus:Client-IRC.Win32.mIRC.621 skipped
    C:\System Volume Information\_restore{34DB8CFB-A6EE-471F-B2DE-8779357D2F6D}\RP243\A0029537.exe NSIS: infected - 2 skipped
    C:\System Volume Information\_restore{34DB8CFB-A6EE-471F-B2DE-8779357D2F6D}\RP279\change.log Object is locked skipped
    C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
    C:\WINDOWS\Downloaded Program Files\gsda.dll Infected: not-a-virus:Downloader.Win32.SpyGame skipped
    C:\WINDOWS\SchedLgU.Txt Object is locked skipped
    C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
    C:\WINDOWS\Sti_Trace.log Object is locked skipped
    C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
    C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
    C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
    C:\WINDOWS\system32\config\default Object is locked skipped
    C:\WINDOWS\system32\config\default.LOG Object is locked skipped
    C:\WINDOWS\system32\config\Internet.evt Object is locked skipped
    C:\WINDOWS\system32\config\SAM Object is locked skipped
    C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
    C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
    C:\WINDOWS\system32\config\SECURITY Object is locked skipped
    C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
    C:\WINDOWS\system32\config\software Object is locked skipped
    C:\WINDOWS\system32\config\software.LOG Object is locked skipped
    C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
    C:\WINDOWS\system32\config\system Object is locked skipped
    C:\WINDOWS\system32\config\system.LOG Object is locked skipped
    C:\WINDOWS\system32\drivers\sptd.sys Object is locked skipped
    C:\WINDOWS\system32\h323log.txt Object is locked skipped
    C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
    C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
    C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
    C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
    C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
    C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
    C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
    C:\WINDOWS\wiadebug.log Object is locked skipped
    C:\WINDOWS\wiaservc.log Object is locked skipped
    C:\WINDOWS\WindowsUpdate.log Object is locked skipped
    Scan process completed.

    Kannattaisiko suoraan formatoida vai poistaa virukset?
     
    Levanki, Jun 6, 2008
    #1
  2. Hujo

    Hujo Guest

    Lataa Malwarebytes' Anti-Malware työpöydällesi.

    1. Tuplaklikkaa mbam-setup.exe ja seuraa ohjeita asentaaksesi ohjelman.
    2. Lopuksi varmistu, että seuraavat on valittu: Update Malwarebytes', Anti-Malwareja
    Launch Malwarebytes' Anti-Malware ja sen jälkeen klikkaaFinish.
    3. Jos päivitys löytyy. ohjelma lataa ja asentaa uusimman version.
    4. Kun ohjelma on latautunut, valitse Perform full scan ja klikkaa Scan.
    5. Kun skanni on valmis, klikkaa OK ja sitten Show Results nähdäksesi tulokset.
    6. Varmistu, että kaikki on merkitty ja klikkaa Remove Selected.
    7. Tämän jälkeen loki avautuu muistioon. Tallenna se paikkaan, josta löydät sen helposti. Loki
    löytyy myös täältä: C:\Documents and Settings\Käyttäjänimi\Application
    Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-päiväys.txt
    8. Lähetä lokin sisältö seuraavassa viestissäsi.
     
    Hujo, Jun 6, 2008
    #2
  3. Levanki

    Levanki Member

    Joined:
    Feb 27, 2007
    Messages:
    27
    Likes Received:
    0
    Trophy Points:
    11
    Malwarebytes' Anti-Malware 1.15
    Tietokantaversio: 838

    21:39:07 7.6.2008
    mbam-log-6-7-2008 (21-38-54).txt

    Tarkistustyyppi: Täysi tarkistus (C:\|D:\|E:\|F:\|I:\|)
    Tarkistetut kohteet: 97400
    Kulunut aika: 34 minute(s), 48 second(s)

    Saastuneita muistiprosesseja: 0
    Saastuneita muistimoduuleja: 0
    Saastuneita rekisteriavaimia: 0
    Saastuneita rekisteriarvoja: 0
    Saastuneita rekisterikohteita: 1
    Saastuneita hakemistoja: 0
    Saastuneita tiedostoja: 5

    Saastuneita muistiprosesseja:
    (Haitallisia kohteita ei löydetty)

    Saastuneita muistimoduuleja:
    (Haitallisia kohteita ei löydetty)

    Saastuneita rekisteriavaimia:
    (Haitallisia kohteita ei löydetty)

    Saastuneita rekisteriarvoja:
    (Haitallisia kohteita ei löydetty)

    Saastuneita rekisterikohteita:
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\StartMenuLogOff (Hijack.StartMenu) -> Bad: (1) Good: (0) -> No action taken.

    Saastuneita hakemistoja:
    (Haitallisia kohteita ei löydetty)

    Saastuneita tiedostoja:
    C:\Documents and Settings\SIIKANEN\Omat tiedostot\Azureus Downloads\Make_Your_Windows_Genuine_-_For_XP_Server_2003__Vista_-_iNGEn\WINDOWS XP and Server 2003\1) Windows XP SP2 V2.1\iNGEn_XPsp2_v2.1.exe (Rogue.Installer) -> No action taken.
    C:\Documents and Settings\SIIKANEN\Omat tiedostot\Azureus Downloads\Make_Your_Windows_Genuine_-_For_XP_Server_2003__Vista_-_iNGEn\WINDOWS XP and Server 2003\2) XP-sp2 and Server 2003\iNGEN_WinDoWs.exe (Rogue.Installer) -> No action taken.
    C:\Documents and Settings\SIIKANEN\Omat tiedostot\Azureus Downloads\Make_Your_Windows_Genuine_-_For_XP_Server_2003__Vista_-_iNGEn\WINDOWS XP and Server 2003\2) XP-sp2 and Server 2003\iNGEn_XPsp2.exe (Rogue.Installer) -> No action taken.
    C:\System Volume Information\_restore{34DB8CFB-A6EE-471F-B2DE-8779357D2F6D}\RP281\A0040456.exe (Trojan.Downloader) -> No action taken.
    C:\System Volume Information\_restore{34DB8CFB-A6EE-471F-B2DE-8779357D2F6D}\RP282\A0040486.dll (Rogue.Multiple) -> No action taken.

    Anteeksi kun näin hitaasti vastailen, oli toisen koneen kanssa ongelmia. Kiitos
     
    Levanki, Jun 7, 2008
    #3
  4. Hujo

    Hujo Guest

    Hujo, Jun 7, 2008
    #4
  5. Levanki

    Levanki Member

    Joined:
    Feb 27, 2007
    Messages:
    27
    Likes Received:
    0
    Trophy Points:
    11
    Escan log:

    File C:\Documents and Settings\SIIKANEN\Omat tiedostot\Azureus Downloads\Windows XP Original Keys Keygen\Windows.XP original keygen\Windows.XP original keygen\RockXP4.exe tagged as not-a-virus:pSWTool.Win32.PWDump.2. No Action Taken.

    File C:\Documents and Settings\SIIKANEN\Omat tiedostot\Azureus Downloads\Windows XP Original Keys Keygen\Windows.XP original keygen.rar tagged as not-a-virus:pSWTool.Win32.PWDump.2. No Action Taken.

    File C:\WINDOWS\Downloaded Program Files\gsda.dll tagged as not-a-virus:Downloader.Win32.SpyGame. No Action Taken.

    älkää noista tiedostoista välittäkö, serialit on koneessa aidoit =)
     
    Last edited: Jun 7, 2008
    Levanki, Jun 7, 2008
    #5

Share This Page